139.162.11.43 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Linode LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Honeypot hit.	2020-02-09 09:55:29

相同子网IP讨论:

IP	类型	评论内容	时间
139.162.111.98	spamattack	Unauthorized connection attempt detected from IP address 139.162.111.98 to port 8080	2020-11-19 17:15:48
139.162.116.133	attack	Malicious brute force vulnerability hacking attacks	2020-10-14 07:39:12
139.162.112.248	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-06 04:15:47
139.162.114.154	attackbots	TCP (SYN) 139.162.114.154:55866 -> port 80, len 40	2020-10-06 03:23:05
139.162.112.248	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 8080 8080	2020-10-05 20:15:14
139.162.114.154	attackbots	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=45266 . dstport=80 HTTP . (890)	2020-10-05 19:16:07
139.162.112.248	attackspambots	TCP (SYN) 139.162.112.248:50227 -> port 8080, len 44	2020-10-05 12:06:17
139.162.116.22	attackbotsspam	TCP (SYN) 139.162.116.22:35955 -> port 1755, len 44	2020-09-26 06:20:18
139.162.116.22	attackspam	TCP port : 1755	2020-09-25 23:22:16
139.162.116.22	attackspam	Found on Alienvault / proto=6 . srcport=45465 . dstport=1755 . (3629)	2020-09-25 15:00:43
139.162.116.133	attackspambots	Automatic report - Banned IP Access	2020-09-08 04:27:28
139.162.116.133	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 18:45:21 [error] 75202#0: 153186 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159941072171.478932"] [ref "o0,14v21,14"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-07 20:06:17
139.162.118.185	attackspam	Auto Detect Rule! proto TCP (SYN), 139.162.118.185:48116->gjan.info:22, len 40	2020-09-06 03:37:48
139.162.118.185	attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(09051147)	2020-09-05 19:16:50
139.162.116.133	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/29 15:49:44 [error] 27704#0: 112472 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15987161847.535630"] [ref "o0,13v21,13"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-30 03:07:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.11.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.162.11.43.			IN	A

;; AUTHORITY SECTION:
.			426	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020801 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 09 09:55:26 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

43.11.162.139.in-addr.arpa domain name pointer li853-43.members.linode.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
43.11.162.139.in-addr.arpa	name = li853-43.members.linode.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.15.110	attack	Sep 4 00:16:02 ubuntu-2gb-nbg1-dc3-1 sshd[8933]: Failed password for root from 222.186.15.110 port 24854 ssh2 Sep 4 00:16:06 ubuntu-2gb-nbg1-dc3-1 sshd[8933]: error: maximum authentication attempts exceeded for root from 222.186.15.110 port 24854 ssh2 [preauth] ...	2019-09-04 06:18:06
49.88.112.78	attackbotsspam	2019-09-03T21:56:52.644190Z 174d49d7ac3b New connection: 49.88.112.78:48910 (172.17.0.2:2222) [session: 174d49d7ac3b] 2019-09-03T22:11:36.192089Z 73feb56dcc3e New connection: 49.88.112.78:18879 (172.17.0.2:2222) [session: 73feb56dcc3e]	2019-09-04 06:22:31
129.226.52.214	attackbots	Sep 3 20:34:10 vtv3 sshd\[5868\]: Invalid user jp123 from 129.226.52.214 port 36192 Sep 3 20:34:10 vtv3 sshd\[5868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.52.214 Sep 3 20:34:12 vtv3 sshd\[5868\]: Failed password for invalid user jp123 from 129.226.52.214 port 36192 ssh2 Sep 3 20:38:45 vtv3 sshd\[8222\]: Invalid user 123456 from 129.226.52.214 port 53824 Sep 3 20:38:45 vtv3 sshd\[8222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.52.214 Sep 3 20:55:52 vtv3 sshd\[17289\]: Invalid user test_user1 from 129.226.52.214 port 44352 Sep 3 20:55:52 vtv3 sshd\[17289\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.52.214 Sep 3 20:55:54 vtv3 sshd\[17289\]: Failed password for invalid user test_user1 from 129.226.52.214 port 44352 ssh2 Sep 3 21:00:28 vtv3 sshd\[19634\]: Invalid user bot123 from 129.226.52.214 port 33738 Sep 3 21:00:28 vtv3 sshd	2019-09-04 06:36:07
187.190.235.43	attack	Jul 11 14:38:25 Server10 sshd[18429]: User root from 187.190.235.43 not allowed because not listed in AllowUsers Jul 11 14:38:25 Server10 sshd[18429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.190.235.43 user=root Jul 11 14:38:27 Server10 sshd[18429]: Failed password for invalid user root from 187.190.235.43 port 39749 ssh2 Jul 11 14:40:52 Server10 sshd[21233]: Invalid user operador from 187.190.235.43 port 49697 Jul 11 14:40:52 Server10 sshd[21233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.190.235.43 Jul 11 14:40:54 Server10 sshd[21233]: Failed password for invalid user operador from 187.190.235.43 port 49697 ssh2	2019-09-04 06:35:07
82.188.133.50	attackbots	imap-login: Disconnected \(auth failed, 1 attempts in 5	2019-09-04 06:32:03
116.203.79.91	attack	"Fail2Ban detected SSH brute force attempt"	2019-09-04 06:52:58
185.166.215.101	attack	Sep 3 22:39:30 game-panel sshd[10916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.166.215.101 Sep 3 22:39:32 game-panel sshd[10916]: Failed password for invalid user test from 185.166.215.101 port 47186 ssh2 Sep 3 22:43:41 game-panel sshd[11143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.166.215.101	2019-09-04 06:59:41
46.219.3.139	attackbotsspam	Sep 3 23:40:20 yabzik sshd[10473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.219.3.139 Sep 3 23:40:22 yabzik sshd[10473]: Failed password for invalid user mich from 46.219.3.139 port 58370 ssh2 Sep 3 23:45:00 yabzik sshd[11703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.219.3.139	2019-09-04 06:37:26
92.62.139.103	attackspambots	2019-09-03T22:06:14.700714abusebot-2.cloudsearch.cf sshd\[6659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.62.139.103 user=root	2019-09-04 06:12:09
113.199.40.202	attack	Feb 11 01:37:50 vtv3 sshd\[20279\]: Invalid user server from 113.199.40.202 port 45805 Feb 11 01:37:50 vtv3 sshd\[20279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 Feb 11 01:37:51 vtv3 sshd\[20279\]: Failed password for invalid user server from 113.199.40.202 port 45805 ssh2 Feb 11 01:43:35 vtv3 sshd\[21794\]: Invalid user service from 113.199.40.202 port 40828 Feb 11 01:43:35 vtv3 sshd\[21794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 Feb 12 09:06:06 vtv3 sshd\[4224\]: Invalid user advent from 113.199.40.202 port 59582 Feb 12 09:06:06 vtv3 sshd\[4224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 Feb 12 09:06:08 vtv3 sshd\[4224\]: Failed password for invalid user advent from 113.199.40.202 port 59582 ssh2 Feb 12 09:11:56 vtv3 sshd\[5734\]: Invalid user bbs from 113.199.40.202 port 54600 Feb 12 09:11:56 vtv3 sshd\[5734\	2019-09-04 06:23:05
220.134.138.111	attack	Sep 3 22:40:20 dev0-dcfr-rnet sshd[26582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.138.111 Sep 3 22:40:23 dev0-dcfr-rnet sshd[26582]: Failed password for invalid user crm from 220.134.138.111 port 43116 ssh2 Sep 3 22:45:22 dev0-dcfr-rnet sshd[26699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.138.111	2019-09-04 06:23:45
212.154.86.139	attackbotsspam	2019-09-03T18:14:21.914451mizuno.rwx.ovh sshd[21242]: Connection from 212.154.86.139 port 57366 on 78.46.61.178 port 22 2019-09-03T18:14:22.485550mizuno.rwx.ovh sshd[21242]: Invalid user hadoop from 212.154.86.139 port 57366 2019-09-03T18:14:22.493664mizuno.rwx.ovh sshd[21242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.154.86.139 2019-09-03T18:14:21.914451mizuno.rwx.ovh sshd[21242]: Connection from 212.154.86.139 port 57366 on 78.46.61.178 port 22 2019-09-03T18:14:22.485550mizuno.rwx.ovh sshd[21242]: Invalid user hadoop from 212.154.86.139 port 57366 2019-09-03T18:14:24.212504mizuno.rwx.ovh sshd[21242]: Failed password for invalid user hadoop from 212.154.86.139 port 57366 ssh2 ...	2019-09-04 06:55:36
139.59.84.55	attack	Sep 4 01:17:05 www4 sshd\[65173\]: Invalid user ksb from 139.59.84.55 Sep 4 01:17:05 www4 sshd\[65173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.55 Sep 4 01:17:08 www4 sshd\[65173\]: Failed password for invalid user ksb from 139.59.84.55 port 41510 ssh2 ...	2019-09-04 06:43:14
106.12.38.109	attackspambots	Sep 3 21:38:54 MK-Soft-VM7 sshd\[27834\]: Invalid user teddy from 106.12.38.109 port 56844 Sep 3 21:38:54 MK-Soft-VM7 sshd\[27834\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.109 Sep 3 21:38:56 MK-Soft-VM7 sshd\[27834\]: Failed password for invalid user teddy from 106.12.38.109 port 56844 ssh2 ...	2019-09-04 06:15:09
113.160.244.144	attackspam	Sep 3 18:34:31 plusreed sshd[24644]: Invalid user aastorp from 113.160.244.144 ...	2019-09-04 06:39:44

最近上报的IP列表

170.246.152.4	139.59.67.82	36.79.43.159	183.187.94.212
118.70.117.156	168.62.171.57	41.203.96.141	107.173.194.163
185.253.214.110	193.191.56.114	129.245.137.39	236.201.70.196
81.205.5.14	131.102.218.99	135.146.97.179	45.160.7.29
2001:171b:c9ae:b0b0:a827:c4f4:a955:aa41	80.114.229.71	29.63.147.223	89.101.235.233